$ rpki-client -vvf rpki.apnic.net/member_repository/A91B861D/D2997F60ABE311EB9C2B1156C4F9AE02/2496CA7E557E11EF8AC47D15C4F9AE02.roa File: 2496CA7E557E11EF8AC47D15C4F9AE02.roa (raw, json) Hash identifier: Si88NstkAfEiBBnqBOs/DXYPITXuyjYlx7/3WbtXefA= Subject key identifier: 45:7E:50:99:BB:8B:26:0E:AE:B9:63:AF:51:10:12:DD:8D:B5:EB:1A Certificate issuer: /CN=A91B861D/serialNumber=E6123F49EAEF664C22F94CD5EBBAEACED387A16F Certificate serial: 05BF Authority key identifier: E6:12:3F:49:EA:EF:66:4C:22:F9:4C:D5:EB:BA:EA:CE:D3:87:A1:6F Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5hI_ServZkwi-UzV67rqztOHoW8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B861D/D2997F60ABE311EB9C2B1156C4F9AE02/2496CA7E557E11EF8AC47D15C4F9AE02.roa Signing time: Fri 24 Jan 2025 23:02:14 +0000 ROA not before: Fri 24 Jan 2025 23:02:14 +0000 ROA not after: Tue 31 Mar 2026 00:00:00 +0000 asID: 24567 IP address blocks: 103.146.209.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B861D/D2997F60ABE311EB9C2B1156C4F9AE02/5hI_ServZkwi-UzV67rqztOHoW8.crl rsync://rpki.apnic.net/member_repository/A91B861D/D2997F60ABE311EB9C2B1156C4F9AE02/5hI_ServZkwi-UzV67rqztOHoW8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5hI_ServZkwi-UzV67rqztOHoW8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 11 Apr 2025 23:05:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1471 (0x5bf) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B861D Validity Not Before: Jan 24 23:02:14 2025 GMT Not After : Mar 31 00:00:00 2026 GMT Subject: CN=67941bf6-e82a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:8b:fa:55:99:66:7c:38:e0:58:60:19:a2:fe: 91:01:60:90:c0:00:16:50:8d:49:1c:b4:75:54:8f: e3:df:5d:4f:98:25:dd:b7:c2:b0:48:11:7d:97:98: bb:b6:e9:2f:b7:6e:43:33:ef:36:b5:83:77:3c:53: e1:86:7f:6c:d3:81:60:0b:72:28:5b:ee:38:fe:5c: 04:01:f8:a7:23:62:e9:a3:90:04:4c:9e:4d:14:35: 39:04:e2:c4:05:9a:33:7b:02:43:3e:0f:33:1c:8e: 02:35:df:7c:e5:73:50:d6:fd:cd:19:85:f9:da:86: d8:f3:63:15:ed:61:06:73:3f:d0:3f:23:96:c7:36: de:69:7f:6a:7f:db:6b:f0:cf:2e:7a:ee:ef:e6:58: 86:08:9e:5b:df:87:ea:18:bc:1a:48:03:b5:bd:d2: 69:3c:e4:89:43:d4:e4:bd:87:05:ec:13:d9:ad:c0: f3:8b:21:39:a6:b1:9a:b5:41:45:e4:4f:c1:6c:f7: bd:23:60:6d:d2:04:d8:79:56:59:8c:ae:9e:4d:4d: e9:e8:07:22:ae:8d:40:f7:ad:0f:4e:e5:d9:3e:1e: db:02:49:46:d4:3e:22:c5:6a:d7:67:dc:34:f4:c1: c6:71:64:2a:27:b4:a2:5d:9f:05:75:d2:f4:c6:dd: 84:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 45:7E:50:99:BB:8B:26:0E:AE:B9:63:AF:51:10:12:DD:8D:B5:EB:1A X509v3 Authority Key Identifier: keyid:E6:12:3F:49:EA:EF:66:4C:22:F9:4C:D5:EB:BA:EA:CE:D3:87:A1:6F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B861D/D2997F60ABE311EB9C2B1156C4F9AE02/5hI_ServZkwi-UzV67rqztOHoW8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5hI_ServZkwi-UzV67rqztOHoW8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B861D/D2997F60ABE311EB9C2B1156C4F9AE02/2496CA7E557E11EF8AC47D15C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.146.209.0/24 Signature Algorithm: sha256WithRSAEncryption 5c:96:a2:81:c1:45:89:cb:86:82:ca:d0:a1:93:1a:3e:4b:70: 24:fc:66:d5:12:5e:5a:4d:06:86:ff:67:b5:e7:19:12:eb:b7: 72:60:50:4a:43:23:40:d6:7e:f6:fd:92:af:a4:fd:24:61:ea: 85:f9:4a:88:e4:27:ff:36:47:bc:7e:91:cd:f1:72:7c:0f:c6: fb:63:8a:99:60:16:da:0c:b8:43:2b:0d:36:c5:fe:96:7f:67: 0c:3f:96:68:c5:d7:1d:8a:66:42:8e:56:03:85:d4:79:56:da: c4:77:01:06:0f:c4:db:8d:fb:65:a7:2b:60:e7:1e:51:dc:b1: ff:37:80:49:8b:4f:96:e3:9a:05:ab:29:78:86:9b:5f:69:0c: 27:bc:0a:25:49:c2:8f:05:a2:87:e2:08:84:24:61:4c:eb:d4: 42:9e:dd:00:5b:80:0c:36:64:63:b4:37:6d:4c:05:5c:20:c1: a8:d9:59:92:e6:e7:cf:39:00:0a:50:ae:94:b9:18:e2:e8:43: 2c:c0:e4:03:d7:81:42:f5:c8:2e:4d:cd:87:42:c7:fc:5e:70: 11:9d:da:f9:ec:54:c5:80:df:ad:d0:6a:2d:29:de:de:eb:01: 7e:50:86:90:f7:e4:37:8f:49:79:b3:88:fd:63:0b:77:aa:d2: 7e:0a:70:f5 -----BEGIN CERTIFICATE----- MIIFcTCCBFmgAwIBAgICBb8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Qjg2MUQxMTAvBgNVBAUTKEU2MTIzRjQ5RUFFRjY2NEMyMkY5NENENUVCQkFFQUNF RDM4N0ExNkYwHhcNMjUwMTI0MjMwMjE0WhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD VQQDEw02Nzk0MWJmNi1lODJhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEArYv6VZlmfDjgWGAZov6RAWCQwAAWUI1JHLR1VI/j311PmCXdt8KwSBF9l5i7 tukvt25DM+82tYN3PFPhhn9s04FgC3IoW+44/lwEAfinI2Lpo5AETJ5NFDU5BOLE BZozewJDPg8zHI4CNd985XNQ1v3NGYX52obY82MV7WEGcz/QPyOWxzbeaX9qf9tr 8M8ueu7v5liGCJ5b34fqGLwaSAO1vdJpPOSJQ9TkvYcF7BPZrcDziyE5prGatUFF 5E/BbPe9I2Bt0gTYeVZZjK6eTU3p6Aciro1A960PTuXZPh7bAklG1D4ixWrXZ9w0 9MHGcWQqJ7SiXZ8FddL0xt2EGwIDAQABo4IClTCCApEwHQYDVR0OBBYEFEV+UJm7 iyYOrrljr1EQEt2NtesaMB8GA1UdIwQYMBaAFOYSP0nq72ZMIvlM1eu66s7Th6Fv MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCODYxRC9EMjk5N0Y2MEFC RTMxMUVCOUMyQjExNTZDNEY5QUUwMi81aElfU2Vydlprd2ktVXpWNjdycXp0T0hv VzguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzVoSV9TZXJ2Wmt3aS1VelY2N3JxenRPSG9XOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx Qjg2MUQvRDI5OTdGNjBBQkUzMTFFQjlDMkIxMTU2QzRGOUFFMDIvMjQ5NkNBN0U1 NTdFMTFFRjhBQzQ3RDE1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E EDAOMAwEAgABMAYDBABnktEwDQYJKoZIhvcNAQELBQADggEBAFyWooHBRYnLhoLK 0KGTGj5LcCT8ZtUSXlpNBob/Z7XnGRLrt3JgUEpDI0DWfvb9kq+k/SRh6oX5Sojk J/82R7x+kc3xcnwPxvtjiplgFtoMuEMrDTbF/pZ/Zww/lmjF1x2KZkKOVgOF1HlW 2sR3AQYPxNuN+2WnK2DnHlHcsf83gEmLT5bjmgWrKXiGm19pDCe8CiVJwo8Foofi CIQkYUzr1EKe3QBbgAw2ZGO0N21MBVwgwajZWZLm5885AApQrpS5GOLoQyzA5APX gUL1yC5NzYdCx/xecBGd2vnsVMWA363Qai0p3t7rAX5QhpD35DePSXmziP1jC3eq 0n4KcPU= -----END CERTIFICATE-----Generated at Sun Apr 6 00:27:05 2025 by rpki-client